eaf7560a0b4d59978ad8a0a5bf28dba6d809c1d5c1670542b95fcd5e4f237e32

Sharing

Copy URL Twitter E-mail

General

Target

eaf7560a0b4d59978ad8a0a5bf28dba6d809c1d5c1670542b95fcd5e4f237e32
Size

370KB
MD5

b055fbf8f6bc1f54fb39db87781409a4
SHA1

97f95fee8a051c4a65e6168d7167506471bcc433
SHA256

eaf7560a0b4d59978ad8a0a5bf28dba6d809c1d5c1670542b95fcd5e4f237e32
SHA512

c9a51fa1177f463a9c2e2e28c464c0e6915d7c29fb06efc932ffbef6f3110d7bca2d69c0773482196ff429e7b8610bd1dc3bc3ae008059db817f1cf94ab758e4
SSDEEP

6144:6sNUo3GyrN/KDFBFLu9rgF7+jI7xsbDQf6GxlqpnOXQhtyYLy7d8LaaxVpDRFgE+:BSo3GW/K98EFSjIqn+CtZWmLfLpfgd

Score

N/A

Malware Config

Signatures

Files

eaf7560a0b4d59978ad8a0a5bf28dba6d809c1d5c1670542b95fcd5e4f237e32
.exe windows x86

6a8599c5a6dfa7899de9667a3a424afc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathIsContentTypeA
SHGetValueA
SHQueryValueExA

comdlg32

GetOpenFileNameA
ChooseColorA

advapi32

RegQueryValueExA
RegDeleteKeyA
RegLoadKeyA

ole32

ReleaseStgMedium
CoGetMalloc
CoGetObjectContext
CoReleaseMarshalData
CoCreateGuid
CoCreateFreeThreadedMarshaler
CreateOleAdviseHolder
CoRevokeClassObject
OleRegGetUserType

kernel32

VirtualAllocEx
LocalFree
lstrlenA
ExitThread
LocalReAlloc
lstrcatA
WriteFile
ExitProcess
lstrlenW
VirtualFree
GetCommandLineW
MoveFileA
LoadLibraryA
LocalAlloc
WideCharToMultiByte
VirtualQuery
VirtualAlloc
GetCommandLineA
WaitForSingleObject
lstrcpyA
lstrcmpiA
GetModuleHandleA
lstrcmpA
SizeofResource
IsBadReadPtr
lstrcpynA
HeapDestroy
MoveFileExA
GetProcAddress
MulDiv

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

user32

InsertMenuItemA
KillTimer
IsWindowUnicode
IsWindowEnabled
IsIconic
IsWindowVisible
GetSysColorBrush
GetWindowThreadProcessId
GetScrollRange
GetWindowRect
GetWindow
GetTopWindow
GetSysColor
InsertMenuA
GetSystemMenu
GetWindowLongW
IsDialogMessageW
InvalidateRect
IsChild
GetWindowTextA
InflateRect
GetWindowPlacement
GetWindowDC
IsZoomed
IsWindow
IsDialogMessageA
GetSubMenu
IsRectEmpty
IntersectRect
GetWindowLongA

gdi32

GetDIBColorTable
SelectObject
GetClipBox
CreateCompatibleBitmap
GetPixel
GetDIBits
GetDCOrgEx
GetCurrentPositionEx
RestoreDC
CopyEnhMetaFileA

msvcrt

atol
wcscspn

shell32

SHGetFileInfoA

comctl32

ImageList_Read

Sections

CODE
Size: 78KB - Virtual size: 77KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 629B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc1
Size: 1024B - Virtual size: 794B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc7
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc3
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc9
Size: 282KB - Virtual size: 281KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc6
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 976B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6a8599c5a6dfa7899de9667a3a424afc

Headers

File Characteristics

Imports

shlwapi

comdlg32

advapi32

ole32

kernel32

version

user32

gdi32

msvcrt

shell32

comctl32

Sections

CODE Size: 78KB - Virtual size: 77KB

.data Size: 1024B - Virtual size: 629B

.rsrc1 Size: 1024B - Virtual size: 794B

.rsrc7 Size: 1KB - Virtual size: 1KB

.rsrc3 Size: 1KB - Virtual size: 1KB

.rsrc9 Size: 282KB - Virtual size: 281KB

.rsrc6 Size: 3KB - Virtual size: 3KB

.rsrc Size: 1024B - Virtual size: 976B

CODE
Size: 78KB - Virtual size: 77KB

.data
Size: 1024B - Virtual size: 629B

.rsrc1
Size: 1024B - Virtual size: 794B

.rsrc7
Size: 1KB - Virtual size: 1KB

.rsrc3
Size: 1KB - Virtual size: 1KB

.rsrc9
Size: 282KB - Virtual size: 281KB

.rsrc6
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 1024B - Virtual size: 976B